[Samba] Setup LDAPS or other solution for ldap

[matti.kaupenjohann]

> The problem is, the OP doesn't want to join the domain with all their 
> computers. Now you and I know that, to get the best results, it is 
> better to join a domain, somehow we have to convince people of this.

I am convinced but do not understand everything yet:)

If I understand this correct, I join the domain with all our client 
access machines and our servers. I limit the direct authentication to 
our servers via group policies. Now I have as example a guacamole 
instance running on one of our servers. Only the domain-administrator 
and the server-auth-group has login access. For the guacamole service I 
want that my users can connect to guacamole via ldap (or in this case 
via ldaps?). For my test scenario I would use my self signed 
certificates but later in a real scenario we have access to real ones. 
So with this example it sounds like the easiest and best approach with 
kinit and not ldaps. Am I right?

Matti Kaupenjohann

Fachhochschule Dortmund
University of Applied Sciences and Arts

*Kaupenjohann, Matti*
FB Informationstechnik,

Sonnenstraße 96 - 44139 Dortmund
Raum SON-A A615
Tel     0231 9112 9371
matti.kaupenjohann at fh-dortmund.de
www.fh-dortmund.de

Think before you print!